Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-23897

S3 plugin's signed URL expiry is extremely sensitive to clock drift


    • Icon: Improvement Improvement
    • Resolution: Fixed
    • Icon: Minor Minor
    • s3-plugin
    • s3-plugin 0.6, or 0.7-SNAPSHOT; Jenkins 1.573 or 1.574-SNAPSHOT

      The S3 plugin is very sensitive to clock drift on the Jenkins server, as it signs download URLs with a 4000ms (4s) expiry.

      This results in errors like:

        <Message>Request has expired</Message>

      which won't be super-informative to the user.

      I suggest two changes.

      First, default to a longer expiry, say 60 seconds, that allows for things like a little packet loss / a high latency connection / etc, and a little clock drift.

      Second, document the need for NTP to keep up reasonable clock sync.

      I'll follow up with a patch for both.

            mikewatt Michael Watt
            ringerc Craig Ringer
            0 Vote for this issue
            1 Start watching this issue